Systems and methods for authenticating the identity of a user prior to giving access to confidential data at a user interface via a network are described. In an exemplary implementation in an Internet environment, a server hosts an application providing selective access by the user to confidential data related to the user. The user provides initial data to the application as part of a request to access the confidential data. At least one database having the confidential data stored therein is accessed by the server to retrieve confidential data relating to the user located in the database based on the initial data received from the client interface. An authentication function causes the server to transmit to the client interface and present to the user an incomplete portion of the confidential data relating to the user, which is not identical to the initial data, along with at least one other portion of data having a substantially identical format to the incomplete portion of the confidential data. The authentication function requests the user to provide additional data to complete the incomplete portion of the confidential data. The user is granted access to the confidential data subsequent to determination by the application that the user correctly completed the incomplete portion of the confidential data.
Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A system for accessing confidential data of a user via a network, the system comprising: a server hosting an application providing selective access by the user to confidential data related to the user; a client interface capable of interfacing with the server via the application; at least one database having the confidential data stored therein, the database in communication with the server; a processor configured to execute the application, wherein the application includes a multi-layer authentication function that causes the server to: request and receive initial authentication data from the user, the initial authentication data comprising wallet data associated with the user, using the initial authentication data, search for confidential data associated with the user in the at least one database, and if confidential data associated with the user is found, transmit to the client interface and present to the user a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete portion of the confidential data associated with the user, and wherein the other selectable options correspond to false options provided in a format similar to the correct option, receive a selection from the user of a selected one of the options, and if the selected one of the options is the correct option, request and receive entry of additional data by the user to complete the incomplete portion of the confidential data associated with the user, and if the additional data correctly completes the confidential data of the user, grant access to the user of the user's confidential data.
A system for verifying user identity includes a server hosting an application which grants users access to their confidential data stored in a database. The system uses a client interface for users to interact with the server. The process involves the user providing initial authentication data (wallet data) which is used to search the database for the user's confidential data. If found, the system presents the user with multiple randomly ordered options, one of which is a correct option showing an incomplete portion of their confidential data. Other options are false, but similarly formatted. If the user selects the correct option, they are prompted to enter additional data to complete the missing portion. Upon successful completion, the user is granted access to their confidential data.
2. The system of claim 1 , wherein the incomplete portion of the confidential data is based on non-wallet information.
The identity verification system described previously (a server hosting an application which grants users access to their confidential data stored in a database, using a client interface and wallet data for initial authentication, presenting incomplete data options for completion, and granting access upon successful completion) uses an incomplete portion of the confidential data that is based on information besides wallet data for authentication.
3. The system of claim 1 , wherein the incomplete portion of the confidential data comprises an incomplete portion of a telephone number associated with the user.
The identity verification system described previously (a server hosting an application which grants users access to their confidential data stored in a database, using a client interface and wallet data for initial authentication, presenting incomplete data options for completion, and granting access upon successful completion) uses an incomplete portion of a user's telephone number as the incomplete confidential data presented for authentication.
4. The system of claim 3 , further comprising an automated telephone calling system in communication with the server for placing a telephone call to the telephone number associated with the user when the server receives data indicative of the user completing the incomplete telephone number via entry into the client interface.
The identity verification system utilizing partial telephone number completion for authentication (a server hosting an application which grants users access to their confidential data stored in a database, using a client interface and wallet data for initial authentication, presenting incomplete telephone number options for completion, and granting access upon successful completion) includes an automated telephone calling system that calls the user's phone number when the server detects successful completion of the incomplete phone number via the client interface.
5. The system of claim 4 , wherein the automated telephone calling system communicates instructions to the user via the telephone call to complete authentication.
The identity verification system with telephone call verification (a server hosting an application which grants users access to their confidential data stored in a database, using a client interface and wallet data for initial authentication, presenting incomplete telephone number options for completion, granting access upon successful completion, and calling the user's phone) communicates instructions to the user via the telephone call to further complete the authentication process.
6. The system of claim 4 , wherein the automated telephone calling system communicates a PIN via the telephone call to the user for use in authentication via the application.
The identity verification system using phone call verification (a server hosting an application which grants users access to their confidential data stored in a database, using a client interface and wallet data for initial authentication, presenting incomplete telephone number options for completion, granting access upon successful completion, and calling the user's phone) communicates a PIN to the user via the telephone call, which the user then uses within the application for further authentication.
7. The system of claim 1 , further comprising an automated telephone calling system in communication with the server for placing a telephone call to a telephone number obtained from the confidential data.
The identity verification system (a server hosting an application which grants users access to their confidential data stored in a database, using a client interface and wallet data for initial authentication, presenting incomplete data options for completion, and granting access upon successful completion) incorporates an automated telephone calling system that calls a telephone number retrieved from the user's confidential data.
8. The system of claim 7 , wherein the automated telephone calling system communicates a PIN via the telephone call to the user for use in authentication via the application.
The identity verification system that calls a user's phone number for authentication (a server hosting an application which grants users access to their confidential data stored in a database, using a client interface and wallet data for initial authentication, presenting incomplete data options for completion, and granting access upon successful completion, calling the user's phone), communicates a PIN to the user via the telephone call to be used within the application for authentication.
9. The system of claim 8 , wherein the PIN is randomly generated.
In the identity verification system where a PIN is sent via a phone call (a server hosting an application which grants users access to their confidential data stored in a database, using a client interface and wallet data for initial authentication, presenting incomplete data options for completion, and granting access upon successful completion, calling the user's phone, sending a PIN), the PIN is randomly generated.
10. The system of claim 8 , wherein the PIN expires after a predetermined time period.
In the identity verification system where a PIN is sent via phone (a server hosting an application which grants users access to their confidential data stored in a database, using a client interface and wallet data for initial authentication, presenting incomplete data options for completion, and granting access upon successful completion, calling the user's phone, sending a PIN), the PIN expires after a specific, predetermined period of time.
11. The system of claim 1 , wherein the confidential data comprises data from a record selected from the group consisting of a credit record, a tax record, a medical record, a financial record and an insurance record.
The identity verification system (a server hosting an application which grants users access to their confidential data stored in a database, using a client interface and wallet data for initial authentication, presenting incomplete data options for completion, and granting access upon successful completion) stores confidential data that includes a credit record, a tax record, a medical record, a financial record, or an insurance record.
12. A method for authenticating an identity of a user seeking access to data related to the user via a client device in communication with a server, the method comprising the steps of: requesting by the server and receiving from the client device initial authentication data entered by the user, the initial authentication data comprising wallet information associated with the user; using the initial authentication data, searching for confidential data associated with the user in a database associated with the server, and if confidential data is found, sending to the client device a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete portion of the confidential data associated with the user, and wherein the other selectable options correspond to false options provided in a format similar to the correct option; receiving a selection from the user of a selected one of the options, and if the selected one of the options is the correct option; requesting by the server and receiving from the client device additional data entered by the user in an attempt to complete the incomplete; portion of the confidential data associated with the user; determining by the server whether the additional data entered by the user correctly completes the incomplete portion of the confidential data and granting the user access to the data related to the user if the server determines that the additional data entered by the user correctly completes the incomplete portion of the confidential data.
A method for verifying user identity involves a server requesting and receiving initial authentication data (wallet information) from a client device. The server uses this data to search a database for the user's confidential information. If found, the method sends a series of randomly ordered options to the client. One option is the correct, incomplete portion of the user's data, while the others are false but similarly formatted. The server receives the user's selection. If the correct option is selected, the server asks for additional data to complete the incomplete portion. If the provided data correctly completes the information, the user is granted access to their data.
13. The method of claim 12 , wherein the incomplete portion of the confidential data is a partial telephone number associated with the user.
In the method for verifying user identity via incomplete data completion (requesting wallet info, presenting incomplete data options, completing missing portions), the incomplete portion of the confidential data presented to the user is a partial telephone number.
14. The method of claim 12 , wherein the incomplete portion of the confidential data is based on non-wallet information.
In the method for verifying user identity via incomplete data completion (requesting wallet info, presenting incomplete data options, completing missing portions), the incomplete portion of the confidential data is based on information that is not wallet information.
15. The method of claim 12 , further comprising the step of: prior to granting the user access to the data, placing a call to a telephone number within the confidential data associated with the user if the server determines that the additional data entered by the user correctly completes the incomplete portion of the confidential data.
The method for user identity verification through data completion (requesting wallet info, presenting incomplete data options, completing missing portions and granting access) places a phone call to a phone number within the confidential data associated with the user *before* granting access, and only if the user successfully completes the incomplete data.
16. The method of claim 15 , further comprising the step of: prior to granting the user access to the data, communicating a PIN to be entered by the user into one of either the client device or a device associated with the telephone number.
The method for user identity verification via data completion and phone call (requesting wallet info, presenting incomplete data options, completing missing portions, completing missing portions and granting access, placing a phone call to a phone number within the confidential data associated with the user if the user successfully completes the incomplete data) further includes communicating a PIN to the user via the client device OR a device associated with the telephone number, prior to granting data access.
17. A non-transitory computer-readable medium having computer-executable instructions for performing steps of a server process for authenticating an identity of a user seeking access to confidential data related to the user over a network via a client interface, the steps comprising: requesting and receiving from the client interface initial authentication data entered by the user, the initial authentication data comprising wallet information associated with the user; using the authentication data, searching for confidential data associated with the user in a database associated with the server, and if confidential data associated with the user is found, sending to the client device a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete portion of the confidential data associated with the user, and wherein the other selectable options correspond to false options provided in a format similar to the correct option; receiving a selection from the user of a selected one of the options, and if the selected one of the options is the correct option; requesting and receiving from the client interface additional data entered by the user in an attempt to complete the incomplete portion of the confidential data associated with the user; determining whether the additional data entered by the user correctly completes the incomplete portion of the confidential data; and granting the user access to the confidential data associated with the user if the additional data entered by the user correctly completes the incomplete portion of the confidential data.
A non-transitory computer-readable medium stores instructions for a server to verify user identity. The steps include requesting and receiving initial authentication data (wallet information) from a client. The server searches a database for the user's confidential data. If found, the server sends multiple randomly ordered options to the client, one of which is the correct, incomplete data, with the others being similar but false. The server receives the user's selection. If the correct option is picked, the server requests additional data to complete the incomplete part. If the user correctly completes the data, the server grants access to the user's confidential data.
18. The non-transitory computer-readable medium of claim 17 , further comprising the step of: prior to granting the user access to the confidential data, placing a call to a telephone number within the confidential data if the additional data entered by the user correctly completes the incomplete portion of the confidential data.
The computer-readable medium for user identity verification using incomplete data options (requesting wallet info, presenting incomplete data options, completing missing portions) *before* granting access to the user's confidential data, performs the step of placing a phone call to a telephone number contained within the confidential data, but only if the user has correctly completed the incomplete data.
19. The non-transitory computer-readable medium of claim 18 , further comprising the step of: prior to granting the user access to the confidential data, communicating a PIN to be entered by the user into one of either the client interface or a device associated with the telephone number.
The computer-readable medium for user identity verification with phone verification (requesting wallet info, presenting incomplete data options, completing missing portions, granting access only after a phone call is made to a number in the confidential data) performs the step of communicating a PIN to be entered by the user into either the client interface or the device associated with the phone number to which the call was made, prior to granting access.
20. A non-transitory computer readable medium having software code for execution on a computer processor, for authenticating an identity of a user seeking access to confidential data related to the user over a network via a client interface, comprising: a first code segment for requesting and receiving from the client interface initial authentication data entered by the user, the initial authentication data comprising wallet information associated with the user; a second code segment for initiating a search, using the initial authentication data, for confidential data associated with the user in at least one database, a third code segment for sending to the client interface a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete portion of the confidential data associated with the user, and wherein the other selectable options correspond to false options provided in a format similar to the correct option; a fourth code segment for requesting and receiving from the client interface a selection from the user of a selected one of the options; a fifth code segment for determining whether the selected one of the options is the correct option; a sixth code segment for requesting by the server and receiving from the client interface additional data entered by the user to complete the incomplete portion of the confidential data associated with the user; a seventh code segment for determining whether the additional data entered by the user correctly completes the incomplete portion of the confidential data; and an eighth code segment for granting the user access to the confidential data related to the user if the additional data entered by the user correctly completes the incomplete portion of the confidential data.
A non-transitory computer readable medium contains software to authenticate users. Code segments perform the following: (1) request and receive wallet info; (2) search for user data in a database; (3) send multiple answer options to the client, where one is the correct, incomplete answer; (4) receive the user selection; (5) determine if selection is correct; (6) request and receive additional data to complete the incomplete part; (7) determine if additional data correctly completes the answer; (8) if the answer is correct, grant the user access to their confidential data.
21. A system for accessing confidential data of a user via a network, the system comprising: a server having a processor and hosting an application providing selective access by the user to confidential data related to the user, the server capable of communication with at least one database having the confidential data stored therein and a client interface via the application; the processor configured to execute the application, wherein the application includes a multi-layer authentication function that causes the server to: request and receive initial authentication data from the user, the initial authentication data comprising wallet data associated with the user, using the initial authentication data, initiate a search for confidential data associated with the user in the at least one database, and if confidential data associated with the user is found, transmit to the client interface and present to the user a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete telephone number associated with the confidential data of the user, and wherein the other selectable options correspond to false options comprising a plurality of randomly generated incomplete telephone numbers provided in a format similar to the transmitted portion of the telephone number associated with the confidential data of the user, receive a selection from the user of a selected one of the options, and if the selected one of the options is the correct option, request and receive entry of additional data by the user to complete the telephone number, and if the additional data correctly completes the telephone number associated with the confidential data of the user, generate and transmit a PIN to the client interface; and an automated telephone calling system in communication with the server for automatically placing a telephone call to a telephone number selected by the user when the processor determines that the additional data correctly completes the telephone number associated with the confidential data of the user, wherein the automated telephone calling system is configured to request and receive entry of the PIN by the user via a client device associated with the telephone call to the user to complete authentication of an identity of the user.
An identity verification system comprises a server that provides selective access to user's confidential data. The system receives initial wallet data and searches for associated confidential data in a database. If found, it transmits multiple, randomly ordered answer options to the user, one of which is the correct *incomplete* phone number, while the others are randomly generated but similarly formatted. Upon correct selection, the system asks for data to complete the number. If correctly completed, the system generates and transmits a PIN to the client. An automated calling system calls a number selected by the user and requests the user enters the PIN via a client device associated with the call, to complete authentication.
22. A method for authenticating an identity of a user seeking access to data related to the user via a client device in communication with a server, the method comprising the steps of: requesting by the server and receiving from the client device initial authentication data entered by the user, the initial authentication data comprising wallet information associated with the user; using the initial authentication data, initiating a search for confidential data associated with the user in at least one database associated with the server, and if confidential data associated with the user is found, transmitting to the client device a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete telephone number associated with the confidential data of the user, and wherein the other selectable options correspond to false options comprising a plurality of randomly generated incomplete telephone numbers provided in a format similar to the transmitted portion of the telephone number associated with the confidential data of the user; receiving a selection from the user of a selected one of the options, and if the selected one of the options is the correct option, requesting by the server and receiving from the client device additional data entered by the user to complete the incomplete portion of the confidential data associated with the user; determining by the server whether the additional data entered by the user correctly completes the incomplete portion of the confidential data; automatically placing a telephone call via a processor associated with an automatic telephone calling system to a telephone number selected by the user when the server determines that the additional data correctly completes the telephone number associated with the confidential data of the user; generating and transmitting a PIN to the user via either the server or the automatic telephone calling system; receiving entry of the PIN by the user through the other of either the server or the automatic telephone calling system; determining whether the received PIN matches the PIN transmitted to the user; and if identical, granting the user access to the data related to the user.
A method for authenticating a user comprises the steps of: requesting wallet data, searching for user confidential data within a database, and presenting randomly ordered options containing one correct *incomplete* telephone number to the user. If the user selects the correct option, they enter data to complete the phone number. If the phone number is correctly completed, the system places an automated telephone call to the selected phone number. A PIN is generated and transmitted either via the server or the phone system. The user enters the PIN via either the server or the phone system. The entered PIN is compared with the transmitted PIN. If the PINs match, the user gains access to the data.
23. A non-transitory computer readable medium having software code for execution on a computer processor, for authenticating an identity of a user seeking access to confidential data related to the user over a network via a client interface, comprising: a first code segment for requesting by the server and receiving from the client device initial authentication data entered by the user, the initial authentication data comprising wallet information associated with the user; a second code segment for initiating a search, using the initial authentication data, for confidential data associated with the user in the at least one database; a third code segment for transmitting to the client device a plurality of randomly ordered and selectable options, wherein one of the selectable options corresponds to a correct option comprising an incomplete telephone number associated with the confidential data of the user, and wherein the other selectable options correspond to false options comprising a plurality of incomplete telephone numbers provided in a format similar to the transmitted portion of the telephone number associated with the confidential data of the user; a fourth code segment for receiving a selection from the user of a selected one of the options; a fifth code segment for determining if the selected one of the options is the correct option; a sixth code segment for requesting by the server and receiving from the client device additional data entered by the user to complete the incomplete portion of the confidential data associated with the user; a seventh code segment for determining by the server whether the additional data entered by the user correctly completes the incomplete portion of the confidential data; a eighth code segment for automatically placing a telephone call via a processor associated with an automatic telephone calling system to a telephone number selected by the user; a ninth code segment for generating and transmitting a PIN to the user via the server or via the automatic calling system; a tenth code segment for receiving entry of the PIN by the user in either the client device or a device associated with the telephone call; a eleventh code segment for determining whether the received PIN matches the PIN transmitted to the user; and if identical, a twelfth code segment for granting the user access to the confidential data of the user.
A computer-readable medium contains software for authenticating user identity with these code segments: (1) Request/receive wallet info. (2) Search for confidential user data. (3) Transmit multiple answer choices, with one correct incomplete phone number. (4) Receive user selection. (5) Determine if the selection is correct. (6) Request/receive completion data. (7) Determine if the phone number is complete. (8) Place an automated telephone call. (9) Generate and send a PIN. (10) Receive entered PIN. (11) Check if the received PIN matches the sent PIN. (12) Grant access to confidential user data if the PINs match.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
March 9, 2010
September 3, 2013
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.